Re: Traffic Between Hosts

zeitzytoun · ‎11-24-2020

Hello,

How can we track the traffic between PC1 and PC3 (send and receive) through CLI, so we get the switches where the traffic passed through.

Note: The used switches are cisco SF302 and SG300.

Thanks in advance.

Asemmoqbel · ‎11-24-2020

Hi,

I guess I can't exactly understand what you need to do.

Do you want to track the traffic for monitoring purposes or do you want to track the traffic to know exactly where the two pcs are connected and how the traffic is passing between them?

Best Regards

Asem

zeitzytoun · ‎11-24-2020

Hi,

I need to track both of them, and end up with a list of switches where the traffic passed through (example source:PC1 destination: PC3 switches list: S1 -> D1 -> ..... -> S5 )

Thanks in advance.

Asemmoqbel · ‎11-24-2020

Ok now I get you.

the best way to do this is by using ARP and mac-address tables.

Let's say Pc1 IP is 10.10.10.10 and its mac is AAAA.BBBB.CCCC for example.

when you login to SW D1 and issue "show arp", you should find ARP entry for Pc1 and if you don't find entry ping Pc1 from D1 to place arp entry. Then, issue this command "show mac address-table | inc <AAAA.BBBB.CCCC> " in this table you will find information related to this mac address and you will see the interface which SW D1 received the mac-address from and this interface surely will be connected to SW s1.

When you login to Sw s1 and perform the same method, you will find the interface that exactly connected to Pc1.

As I described above, you can perform this on any switch to tack any device. All you need is to use arp table to get the mac address of certain IP and mac table to know exactly where the frame is received from.

I hope this is clear.

Please rate if it helps you..

Best regards

Asem